Details:
Multiple WiFi Protected Setup (WPS) implementations were reported to contain a vulnerability that could be leveraged to bypass authentication checks and gain privileged access to the targeted wireless devices. The vulnerability has been identified within the WPS specification and it enables brute force detection of the PIN used to authenticate a remote wireless user.

The vulnerability exists because the WPS specification allows a remote attacker to guess the 8 digit PIN being used to authenticate remote wireless users. The first 4 digits of this PIN could be guessed by attempting multiple connections to the wireless AP with incorrect PIN values and analyzing the received EAP-NACK responses.

The EAP-NACK messages provide information that could be leveraged to successfully calculate the first and second halves of the 8 digit PIN being used. The number of brute force attempts to guess the PIN is also reduced because the 8th digit of this PIN is always a checksum which can be easily derived. This analysis brings the total number of brute force attempts to be 104 + 103; i.e 11,000 attempts to successfully calculate the WPS PIN for the targeted AP.

Since most vendors, except for Netgear, do not implement a lock down functionality for blocking such brute force attempts, the time complexity to successfully execute this attack is reduced significantly. On some implementation the overhead of processing such rapid surge of authentication requests leads to an internal state corruption, which could only be recovered via a device reboot. This makes it possible to launch denial of service (DoS) attacks on the targeted AP.

Details:
CoCSoft Stream Down media download application is prone to a buffer overflow vulnerability that could be leveraged to execute remote code or to cause a denial of service condition on the targeted system.

The vulnerable application fails to impose sufficient size limits on user-supplied input before copying it to a fixed length destination buffer. This implementation flaw could allow injection of arbitrary shellcode into the targeted system's memory space, leading to a memory corruption error. Later execution of this shellcode could allow the attacker to launch additional attacks on the targeted system.

CoCSoft has not yet confirmed this vulnerability. Users are advised to immediately stop using the vulnerable application.